Information Technology Reference
In-Depth Information
Authorizing users and assigning roles
RHEV applies user authorization controls based on three main aspects. The first aspect is
the user who is performing the operation, type of action, and the object on which the action
is being performed. RHEV uses the user-action-object model to assign permissions or
roles.
To perform an action, the user must have the required permission for the object that is to be
worked upon. The permission enables the user to perform some actions on either individual
objects or container objects. Examples of individual objects are specific virtual machines,
hosts, or a storage domain, and examples of container objects are data center or clusters in
RHEV. Users who have permission to access container objects have permission to access
all member objects of the container, such as storage, virtual machines, templates, and more.
RHEV provides a range of preconfigured roles, such as super user, power user, and more.
You can't remove these roles; rather, you can clone the preconfigured roles and customize
them based on your requirements from the manager admin portal for the administrator with
system-wide access and specific virtual machine access to end users. In short, roles are a
collection of permissions on RHEV.
The administrator role allows you to access the administration portal in order to manage
physical and virtual resources. On the other hand, the user role will allow you to manage
only a specific set of virtual machines and templates assigned to the user, and the power
user role will allow you to create a virtual machine from the user portal. For a complete list
of various user roles, please refer to the Red Hat Enterprise Virtualization Manager User
Properties and Roles section from RHEV 3 Administration Guide at ht-
tps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/html/
Administration_Guide/sect-
Red_Hat_Enterprise_Virtualization_Manager_User_Properties_and_Roles.html .
To assign power user role permissions to one of the users, named ipauser1, perform the fol-
lowing steps:
1. Log in to the administrator portal, and navigate to the Users tab.
2. Click on Configure from the top right-hand side of the header bar, and this will
open a Configure window.
3. Move to the System Permissions tab, and click on Add . This will open the Add
System Permission to User window.
Previous Page
Next Page
Getting Started with Red Hat Enterprise Virtualization
Search WWH ::




Custom Search
Home